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SYSTEM AND METHOD OF SECURE PAYMENT 
AND DELIVERY OF GOODS AND SERVICES 

Field of the Invention 

5 The invention relates to a system and method for the secure payment and 

delivery of goods and services. More particularly, the invention is a system and 
method in which two or more parties, who have not engaged in any prior business 
transactions, may order goods and services from each other and arrange for 
payment and delivery through a trusted third party. 

10 

Background of the Invention 

With the explosion in Internet access and usage an increasing volume of 
business is occurring between individuals and firms, who have never seen each 
other, let alone engaged in any prior business transactions. Currently, a typical 

1 5 Internet user would have a browser installed in his local computer or server such as 
Internet Explorer™ or Netscape™. Using this browser, the user would access an 
Internet service provider, such as America-On-Line (AOL™), via a modem over the 
local public switched telephone network (PSTN). Once logged onto the Internet 
server, the user may utilize one of the many search engines, such as Yahoo™ or 

20 Lycos™, to specify search terms. The user may also use a web crawler, spider or 
robot to attempt to find a product, service or information desired. The search engine 
or web crawler would then respond with a list of web sites which matched the search 
terms the user provided. The user would then log onto a web site and view the 
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products or services available for sale. If the user decides to buy the item from the 
web site, the firm operating the web site would frequently request a credit card 
number be entered by the user in order to pay for the product or service. Once the 
credit card charge is approved, the operator of the web site will then typically ship the 
item to the user. In the case where the item ordered is digital in format, such as 
software, graphics, text, video, or music, the item ordered maybe downloaded into 
the user's PC, server, lap top, palm computer or other processor-based system. 

With the advent of cellular phones with and without wireless access protocol 
(WAP), a user may also "surf the Internet and order goods and services directly 
through the WAP-capable phone or a processor-based system connected to the 
cellular phone in a similar manner as that used with a PC. Thus, a user may order 
goods and services from anywhere a cellular phone, satellite phone, or other type 
of mobile phone may operate. Therefore, a person could be sitting in the middle of 
a remote area, many miles away from another human being, let alone a telephone 
line, and order a video game from a web site on the other side of the planet and 
download it into his palm computer connected to a cellular or a standalone WAP or 
HTML (Hypertext Markup Language) capable phone and play the game on the spot. 

However, the user or consumer may not know who is operating the web site 
and may have a legitimate fear of supplying a credit card number over the Internet 
to a stranger who may or may not deliver the desired product. Further, the user may 
be concerned that the agreed upon price will not be the price actually charged to his 
credit card. Also, there is no guarantee that the goods will be delivered if the web 
site operator is less than honest. Further, if the user is contacting the web site 
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through a WAP-capable phone or processor connected to a mobile phone, the user 
may desire the digital product to be sent to another computer at a later time rather 
than downloaded to or through the mobile phone since such a digital product may 
be a large file and take a long time to download, which can be expensive because 
5 of the long access time. 

Attempts to alleviate the foregoing problems and facilitate Internet commerce 
have been made by CyberCash, Inc. using CyberCoin™, CyberCash™, and 
InstaBuy™. CyberCoin™ enables a user or consumer to establish an account to be 
used in making small purchases ranging typically anywhere from 25 cents to ten 

10 dollars. A user of CyberCoin™ makes deposits to his account using a major credit 
card, such as for example Visa™ or MasterCard™, in small amounts. When making 
purchases, the user pays for the purchase with the CyberCoin™ account. Since, the 
purchases using CyberCoin™ involve a small amount of money and the web site 
operator does not receive an account number for a major credit card, the risk to the 

1 5 user is reduced. However, there is no guarantee of delivery of the product bought 
or that the correct amount will be charged to the CyberCoin™ account. Also, in the 
case of digital products, no provision is made for later delivery to an alternate 
computer system. Further, even though the amount of money in a CyberCoin™ is 
small, the risk of intercepting such an account number by a third party still exists 

20 even when an encryption algorithm is employed. 

CyberCash™ is a service which offers a web site a more secure method of 
processing credit card purchases by linking the web site to the credit card processor 
using an encryption algorithm. This reduces, but does not eliminate, the risk to the 
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user or consumer that a third party will intercept the credit card number since that 
number and authorization is encrypted. However, again the consumer is not 
guaranteed delivery of the product ordered orthatthe correct amount will be charged 
to the credit card. Also, in the case of digital products, no provision is made for later 
delivery to an alternate computer system. 

InstaBuy™ is a mechanism in which a consumer may establish a password 
protected file of credit card numbers and other information. When making a 
purchase from a web site that is signed up for this service, the consumer enters the 
password and selects from the credit cards listed in his file to make the payment. 
Again, the transaction is encrypted to reduce, but not eliminate, the risk that a third 
party will intercept the credit card number. Further, since the required credit card 
number is entered once, the consumer does not have to enter it for every purchase. 
However, again the consumer is not guaranteed delivery of the product ordered or 
that the correct amount will be charged to the credit card. Also, in the case of digital 
products, no provision is made for later delivery to an alternate computer system. 

Therefore, what is needed are a system and method for a user or consumer 
to order and pay for goods and services without the risk of a third party intercepting 
a credit card number or other method of payment. This system and method should 
also provide a mechanism for the user or consumer to pay for a product without 
supplying a credit card number, or other method of payment, to the content provider, 
but instead pays a trusted party. Further, this system and method should also lock 
or bind the seller of goods and services to a price which the user or consumer was 
initially given and thereby prevent the seller from charging a different price. This 
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system and method should also provide a mechanism in which the consumer may 
be confident of actually receiving the ordered item. Still further, this system and 
method should be able to have the purchased digital item delivered to a location 
other than the location at which the order was placed and at a time the user requests 
5 the delivery. 

Summary of the Invention 

An embodiment of the present invention provides a system, method and 
computer program for ordering, paying for and delivering goods and services. This 

1 0 system, method and computer program begins by a user ordering and paying for a 
content selected from a content provider. The user then calculates and transmits a 
first service response value to the content provider. Thereafter, the network operator 
calculates a second service response value when the user requests the content from 
the network operator. The network operator contacts the content provider to verify 

1 5 that first service response value matches the second service response value. The 
network operator then transmits the content to the user when the first service 
response value matches the second service response value. 

Further, an embodiment of the present invention creates a system, method 
and computer program for ordering, paying for and delivering goods and services. 

20 This system, method and computer program begins by a user ordering a content, 
having a content ID, selected from a content provider. The content provider then 
transmits to the network operator a first service response value, and a mobile 
network identifier received from the user. The network operator then calculates a 
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second service response value and a cipher key and determines if the first service 
response value matches the second service response value. The content provider 
transmits the content to the user, when the first service response value matches 
second service response value. 
5 Still further, an embodiment of the present invention provides for a system, 

method and computer program for ordering, paying for and delivering goods and 
services. This system, method and computer program begins by the user ordering 
a content, having a content ID, selected from a network operator. The user then 
calculates and transmits a first service response value to the network operator. The 
1 0 network operator calculates a second service response value and a cipher key and 
determines if the first service response value matches the second service response 
value. The content ID, and a cipher key are transmitted to the content provider. The 
content is transmitted to the user by the content provider when requested by the 
user. 

15 In addition, an embodiment of the present invention provides for a system, 

method and computer program for ordering, paying for and delivering goods and 
services. This system, method and computer program begins by the user ordering 
a content, having a content ID, selected from a network operator. The user then 
calculates and transmits a first service response value to the network operator. The 

20 network operator calculates a second service response value and a cipher key and 
determines if the first service response value matches the second service response 
value. The network operator transmits the content to the user when requested by 
the user. 
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Also, an embodiment of the present invention provides for a system, method 
and computer program for ordering, paying for and delivering goods and services. 
This system, method and computer program enables a user to select several content 
items from a content provider. The user then calculates and transmits several first 
5 service response values to the content provider. A network operator calculates 
several second service response values when the user requests the content from the 
network operator. The network operator verifies, by contacting the content provider, 
that one first service response values matches one of second service response 
values. The user then receives the content from the network operator when one of 
1 0 the first service response values matches one of the second service response value. 

These and other features of this device and method will become more 
apparent from the following description when taken in connection with the 
accompanying drawings which show, for purposes of illustration only, examples in 
accordance with the present invention. 

15 

Brief Description of the Drawings 

The foregoing and a better understanding of the present invention will become 
apparent from the following detailed description of exemplary embodiments and the 
claims when read in connection with the accompanying drawings, all forming a part 
20 of the disclosure of this invention. While the foregoing and following written and 
illustrated disclosure focuses on disclosing example embodiments of the invention, 
it should be understood that the same is by way of illustration and example only and 
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the invention is not limited thereto. The spirit and scope of the present invention are 

limited only by the terms of the appended claims. 

The following represents brief descriptions of the drawings, wherein: 
FIG. 1 is an example of an overall system diagram of an embodiment of the 
5 present invention; 

FIG. 2 is diagram showing a Global Standard for Mobile (GSM) 

communications authentication algorithm used in the example embodiments of the 

present invention; 

FIG. 3 is a flowchart of a first stage in GSM authentication shown in FIG. 2; 
10 FIG. 4 is a flowchart of a second stage in GSM authentication shown in FIG. 

2; 

FIG. 5 is a flowchart of a first stage of an example embodiment of the present 
invention in which a consumer or user orders and pays for a product from a seller or 
content provider with delivery of the product accomplished through a network 
1 5 operator; 

FIG. 6 is a flowchart of a second stage of an example embodiment of the 
present invention in which a consumer or user orders and pays for a product from 
a seller or content provider with delivery of the product accomplished through a 
network operator; 

20 FIG. 7 is a flowchart of an example embodiment of the present invention in 

which a consumer or user orders and receives a product from a seller or content 
provider and a network operator collects payment or bills for the product; 
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FIG. 8 is a flowchart of a first stage in an example embodiment of the present 
invention in which a consumer or user orders and pays or is billed for a product from 
a network operator and then the consumer or user receives the product from the 
content provider; 

5 FIG. 9 is a flowchart of a second stage in an example embodiment of the 

present invention in which a consumer or user orders and pays or is billed for a 
product from a network operator and then the consumer or user receives the product 
from the content provider; 

FIG. 10 is a flowchart of a first stage in an example embodiment of the 
10 present invention in which a consumer or user orders and pays or is billed for a 
product from a network operator and receives the product from the network operator; 

FIG. 1 1 is a flowchart of a second stage in an example embodiment of the 
present invention in which a consumer or user orders and pays or is billed for a 
product from a network operator and receives the product from the network operator; 
15 FIG. 12 is a flowchart of a first stage in an example embodiment of the 

present invention shown in FIGs. 5 and 6 in which a consumer or user orders several 
different products; 

FIG. 13 is a flowchart of a second stage in an example embodiment of the 
present invention, shown in FIGs. 5 and 6, in which a consumer or user orders 
20 several different products; 

FIG. 14 is a systems diagram of an example embodiment of the present 
invention in which a hashing algorithm is used to lock or bind a seller or content 
provider to a certain price for a product; and 

10 
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FIG. 1 5 is a modular configuration diagram of the embodiments of the present 
invention shown in FIGs 2 through 13. 

DETAILED DESCRIPTION 

5 Before beginning a detailed description of the subject invention, mention of 

the following is in order. When appropriate, like reference numerals and characters 
maybe used to designate identical, corresponding or similar components in differing 
figure drawings. Further, in the detailed description to follow, exemplary 
sizes/models/values/ranges may be given, although the present invention is not 

10 limited to the same. 

FIG. 1 illustrates an example of an overall system diagram of an embodiment 
of the present invention. In this example a mobile station (MS) 10 acts as an 
interface for the user or consumer (not shown) for access to the present invention. 
This mobile station (MS) 10 may be a WAP-capable cellular telephone, a Hypertext 

1 5 Markup Language (HTML) capable cellular telephone, or a cellular telephone with 
a processor-based system connected to it. This processor-based system may be, 
but not limited to, a laptop computer, palm computer, or other portable computing 
devices including the WAP-capable telephone alone. The mobile station (MS) 10 
communicates through the telecom infrastructure 70 to a network operator 20 or a 

20 content provider 30. The interface between the mobile station 10 and the content 
provider 30 and the network operator 20 may be through, but not limited to, an 
Internet protocol packet-switched network such as the Internet 80. However, this 
communications interface may also be a direct communications link provided by the 

11 
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telecom infrastructure 70, such as a cellular telephone network, or a cellular 
telephone network communicating to a PSTN. Therefore, the embodiments of the 
present invention are not limited to communications using the Internet. 

The user or consumer may also communicate with the embodiments of the 
present invention through a personal computer (PC) 40. This personal computer 
may be any processor-based system which may include but not limited to a desk-top 
PC, a server, a laptop computer, or a palm computer. Further, the PC 40 may 
communicate to the network operator 20 or the content provider through Internet 80 
or directly through the PSTN. 

Whether the user or consumer is communicating to the network operator 20 
orthe content provider 30, the user or consumer may purchase and receive content 
50. Content 50 is a product, typically in a digital format which may be, but not limited 
to, software or data. This software may be, but not limited to, a game, or a business 
application software. The data may be, but not limited to, a video, music, or 
information such as stock quotes. As will be discussed in further detail in reference 
to FIGs. 5 through 13, the content 50 may be provided to the user or consumer by 
either the network operator 20 or the content provider 30. Further, this content 50 
may be delivered to either the mobile station (MS) 10 or the PC 40. In addition, 
payment 60 may be made by the user or consumer to either the network operator 
20 or the content provider 30. 

Embodiments of the present invention use the GSM (Global System for 
Mobile Communications) telephony system that employs algorithms in the mobile 
station (MS) 10, such as, but not limited to, cellular phones and WAP-capable 

12 
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cellular phones, and the telecom infrastructure 70 which controls authentication of 
the user to prevent unauthorized access to the network and to provide encryption of 
the transmissions between users. The GSM System is described in depth in the 
publication, "The GSM System for Mobile Communications" by Mouly and Pautet, 
5 Copyright 1 992, which publication is incorporated herein by reference in its entirety. 
Security features of the GSM system are described in pages 477 through 498 of the 
Mouly and Pautet text. Further detail of the GSM system security is provided in ETSI 
publication TS 100 929 V.6.1.0 (1999) entitled "Digital cellular telecommunications 
system (Phase 2+); Security related network functions" (GSM 03.20 version 6.1.0 

10 Release 1997), which is incorporated herein by reference in its entirety. 

Referring to FIG. 2, authentication in a GSM network is performed by the 
generation of a signed response (SRES) 1 50 by both the mobile station (MS) 1 0 and 
the telecom infrastructure 70 which is a function of a unique secret key (Ki) 1 10 of 
the mobile station 10 and a random number (RAND) 150. The signed response 

15 (SRES) 150 is calculated in a subscriber identification module (SIM) (not shown) 
located in the mobile station (MS) 10, based on Ki 1 10 inside the SIM and RAND 140 
obtained from the network authentication center (AuC) (not shown) in the telecom 
infrastructure 70. Additionally, the mobile station (MS) 10 and the telecom 
infrastructure 70 each perform encryption by generating a ciphering key (Kc) 100 

20 which is a function of the same random number RAND 140 and the secret key (Ki) 
110 of the mobile station 10. This authentication algorithm is a two stage process 
described in detail ahead in reference to FIG. 3 and FIG. 4 which employs two 
authentication algorithms. The first authentication algorithm, which calculates SRES 
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150, is known as the A3 algorithm module 120 and the second algorithm which 
computes Kc 100, which is computed each time a mobile station is authenticated, 
is known as the A8 algorithm module 130. However, each of the operations of 
authentication and computing of the ciphering key (Kc) 110 requires the mobile 
5 station (MS) 10 to be programmed to perform the aforementioned computations. 

Still referring to FIG. 2, the telecom infrastructure 70 using GSM 
authenticates the mobile station (MS) 10 whenever a new mobile station (MS) 10 
registers with the telecom infrastructure 70 and whenever a registered mobile station 
(MS) 10 turns on the power. The cryptographic authentication process mentioned 

10 above and discussed in further detail in reference to FIGs. 3 and 4, uses the fact that 
identical computations produce identical results. Authentication in GSM is based on 
a secret key (Ki) 1 10 that is shared by telecom infrastructure 70 and the subscriber 
and which is different for each subscriber. The telecom infrastructure 70 keeps the 
key Ki 1 10 in the AuC and the subscriber has Ki 1 10 installed with SIM card of the 

15 mobile station 10, which he receives from the operator when the subscription 
contract is made. To protect the secrecy of Ki 110, the SIM is made so that the 
mobile station (MS) 10 cannot directly access the value of Ki 110, and can only 
initiate certain computations in the SIM that use Ki 1 10 and then receive the results 
of those computations. Similarly, the elements of the telecom infrastructure 70, such 

20 as home location register (HLR) cannot access subscribers' keys Ki 110 directly. 
These network elements may only request from the AuC a result of computations 
that use Ki 110 as discussed above. These computations are an A3 algorithm 
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module 120 and an A8 algorithm module 130 and are identical in the SIM in the 
mobile station (MS) 10 and in the AuC in the telecom infrastructure 70. 

A discussion will now be supplied involving the logic employed in the 
embodiments of the present invention. Specifically, a discussion will be provided of 
5 the flowcharts illustrated in FIGs. 3 through 13 and the modular configuration 
diagram provided in FIG. 15. The flowcharts shown in FIGs. 3 through 13, as well 
as the modular configuration diagram shown in FIG. 15 contain operations that 
correspond, forexample, to code, sections of code, instructions, firmware, hardware, 
commands or the like, of a computer program that is embodied, for example, on a 
1 0 storage medium such as floppy disk, CD Rom, EP Rom, hard disk, etc. Further, the 
computer program can be written in any language such as, but not limited to, for 
example C++. 

The foregoing mentioned GSM authentication process uses a GSM 
authentication module 1 000, shown in FIGs. 2 and 1 5, which operates in two stages 

1 5 with the first stage being shown in FIG. 3 and the second stage being shown in FIG. 
4. The GSM authentication module 1 000 includes operations 200 through operation 
230 shown in FIG. 3 and operations 240 through 330 shown in FIG. 4. 

In the first stage of GSM authentication, shown in FIG. 3, a telecom 
infrastructure 70 element using GSM authentication module 1000, which is typically 

20 a MSCA/LR (Mobile services Switching Center/Visitor Location Register) receives 
an International Mobile Subscriber Identity (IMSI) from the mobile station (MS) 10 
and requests from the AuC of the telecom infrastructure 70 one or more triplets. 
These triplets are composed of RAND 140, SRES 150, and Kc 100. 
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Referring to FIG. 3, specifically, in the first stage of GSM authentication the 
mobile station (MS) 10, in operation 200, sends an International Mobile Subscriber 
Identity (IMSI) to MSC/VLR in the telecom infrastructure 70. In operation 210, the 
MSC/VLR requests authentication triplet(s) (RAND 140, SRES 150, and Kc 100) 
5 from the AuC in the telecom infrastructure 70. Then in operation 230, the AuC in the 
telecom infrastructure 70 computes one or more triplets (RAND 140, a SRES 150, 
and a Kc 100) and sends them to the MSCA/LR in the telecom infrastructure 70. 

In the second stage of GSM authentication, the GSM authentication module 
1000 starts in operation 240 by the MSCA/LR of the telecom infrastructure 70 

10 authenticating the mobile station (MS) 10 by the MSCA/LR of the telecom 
infrastructure 70 sending to MS 10 authentication request (RAND) in which the 
message contains a RAND 140. Then in operation 250, the MS 10 sends to the 
SIM, contained within MS 10, a run GSM algorithm (RAND) request message which 
again contains RAND 140. In operation 260, MS 10 sends to the SIM a get 

15 response message. Thereafter in operation 270, the SIM replies with a response 
having a SRES 1 50 and Kc 1 00. Then in operation 280, MS 1 0 stores Kc 1 00 in the 
SIM by sending to the SIM a write (Kc) request in which the message contains Kc 
100. In operation 290, the MS 10 sends to MSCA/LR a Radio Interface Layer 3, 
Mobility Management (RIL 3-MM) protocol authentication response in which the 

20 SRES 150 is contained in the message. After receiving the message in operation 
290, in operation 300 the MSCA/LR, in the telecom infrastructure 70, compares 
SRES 150 that it has received from AuC, also in the telecom infrastructure 70, in 
stage one of GSM authentication discussed in reference to FIG. 3, with the SRES 

16 
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150 received from the MS 10 in operation 310. If the values of the SRES 150 are 
determined not to be identical in operation 310, then processing proceeds to 
operation 330 where authentication fails and service is not established. However, 
if the values are identical in operation 310 then authentication succeeds and service 
5 is established in operation 320. 

Specific example embodiments of the present invention will now be discussed 
in reference to FIGs. 5 through 13 and FIG. 15. As would be appreciated by one of 
ordinary skill in the art, numerous variations to these embodiments are possible and 
these example embodiments of the invention are not intended to limit the scope of 

10 the invention as provided by the claims. 

The first example embodiment of the present invention is shown in two stages 
FIGs. 5 and 6. To summarize, a user or consumer registers with and pays the 
content provider 30 for a selected content 50, but the content 50 is distributed by 
network operator 20. The payment that the content provider 30 gives the network 

15 operator 20 may be based on, but not limited to, the amount of distributed copies of 
the content 50. 

More specifically, once the user or consumer has been authenticated by the 
GSM authentication module 1000, as discussed in reference to FIGs. 3, 4 and 15, 
the user or consumer may execute business model A 1 1 00, shown in FIG. 1 5, which 
20 includes operations 340 through 360, shown in FIG. 5, and operations 370 through 
450, shown in FIG. 6. In operation 340, the user or consumer visits, for example, a 
web site of a content provider 30. While visiting the web site, the user or consumer 
chooses a content 50 item, such as, but not limited to a new game, and pays for it. 
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This payment 60 may be in the form of providing a credit card number, by money 
transfer, or by any other way available. This transaction may be encrypted to reduce 
the risk of a third party intercepting it. In operation 350, after the payment process 
is completed and approved, the user or consumer receives from a content provider 
5 30 an identifier of the content (CID - content identification), and a random number 
(RAND) 140, which he uses to compute SRES 150 as was done in the previous 
discussion in reference FIGs. 2 and 3. In this embodiment, the CID may be used to 
both identify the content 50 and the content provider 30 that supplies the content 50. 
This transaction may also be encrypted to reduce the risk of a third party 

1 0 intercepting it. Then in operation 360, the user or consumer then sends a first SRES 
1 50 to content provider 30. Content provider 30 stores the triplet having CID, RAND 
140, and SRES 150 in the content provider's 30 database. This stored triplet serves 
as proof that the user or consumer, has the ability to compute SRES 1 50 from RAND 
140 and has paid for the content 50 as identified by the CID. 

1 5 As mentioned above, operations 340 and 350 should be encrypted to reduce 

the possibility of a third party from learning, for example, the user's or consumer's 
credit card number and the value of RAND 140. This encryption may be done, for 
example, by encrypting the communication between user and content provider 30 
using any of the well known methods, such as a SSL protocol, as discussed in the 

20 Internet Draft specification from the Transport Layer Security Working Group entitled 
"The SSL Protocol Version 3.0" by Freier et al. and dated November 18, 1996, 
herein incorporated by reference in its entirety. 
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The second stage of business model A 1100, shown in operations 370 
through 450 of FIG. 6 and FIG. 1 5, is executed when the user wants to download the 
content 50. In operation 370, the user or consumer sends to the network operator 
20 the content identifier (CI D) and RAND 1 40 and then computes a ciphering key Kc 
5 100 using the RAND 140 and his secret key Ki 1 10, as previously discussed forthe 
GSM authentication module 1000. In an alternative implementation of this example 
embodiment of this invention, the user or consumer may send both RAND 140 and 
SRES 150 to the network operator 20. 

Once the network operator 20 receives the CID and RAND 140 from the user 

10 or consumer, then in operation 380 the network operator 20 computes a second 
SRES 1 50 and Kc 1 00 using A3 Algorithm module 1 20 and A8 Algorithm module 1 30 
from the RAND 140. In operation 390, the network operator 20 sends the triplet 
(CID, RAND 140, SRES 150) to content provider 30. Then in operation 400, content 
provider 30 checks if the triplet (CID, RAND 140, SRES 150) is stored in its 

15 database. In operation 410, it is determined if the triplet received from network 
operator has a matching triplet stored in the content provider 30 database. If a 
match is not found, then in operation 420 the content provider 30 returns a negative 
acknowledgment to the network operator 420 and processing terminates. If a match 
is found, then in operation 430 a positive acknowledgment is sent to network 

20 operator 20. After receiving positive acknowledgment in operation 430, network 
operator 20 encrypts the content 50 with ciphering key Kc 100 and sends it to the 
user or consumer at the mobile station 10 or PC 40 in operation 440. Then in 
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operation 450, the user or consumer decrypts the content 50 using the key Kc 100 
and installs it on his mobile station 10 or PC 40. 

The accounting or payment provisions between content provider 30 and 
network operator 20 may be based on the amount of positive acknowledgments 
5 received by the network operator 20. To prevent disputes between content provider 
30 and network operator 20, it is possible for the acknowledgments to be digitally 
signed by the content provider 30. In addition, if we wish to prevent third party from 
learning the transactions between network operator 20 and content provider 30, then 
the messages sent in operations 390 and 400 may be encrypted. Encryption of 

10 content 50 in operation 440 may be accomplished using an encryption of speech 
algorithm on the GSM radio path. Also, some other methods of encryption using Kc 
100 as the encryption key may be used. 

FIG. 7 is a flowchart of business model B 1200, shown in FIG. 15, in which a 
consumer or user orders and receives a content 50 from content provider 30 and a 

15 network operator 20 collects payment 60 or bills for the product. Business model 
B 1200 includes operations 460 through 530 shown in FIG. 7. 

To summarize, business model B 1200 enables the user or consumer to 
register with a content provider 30 and download content 50 from the server of the 
content provider 30. The network operator 20 then collects the payment 60 from the 

20 user or consumer on behalf of the content provider 30. The price of the content 50 
may be added to the telephone bill of the consumer or user. The payment 60 that 
network operator 20 gives to the content provider 30 may be based on, but not 
limited to, the amount of distributed copies of the content 50. 
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Referring to FIG. 7, the business model B 1200 begins execution in operation 
460 by the user or consumer visiting, for example, a web site of a content provider 
30 where he orders a content 50 item, such as a new game. In operation 470, the 
content provider 30 sends the user a random number (RAND) 140. The user 
5 computes a first SRES 150 using A3 algorithm module 120 and Kc 100 using A8 
algorithm 130 and sends SRES 150 back to the content provider 30, together with 
his mobile network identifier. This mobile network identifier may include a location 
area identity (LAI) and Temporary Mobile Subscriber Identity (TMSI). However, the 
user may also supply the content provider 30 with an alias which the network 

1 0 operator 20 may use to lookup the mobile network identifier. In operation 480, the 
content provider 30 sends the content identifier, CID, the mobile network identifier 
and the pair (RAND 140, SRES 150) to the network operator 20. Thereafter in 
operation 490, the network operator 20 computes a second SRES 150 and Kc 100 
from RAND 140 using A3 algorithm module 120 and A8 algorithm module 1 30. This 

15 calculation is based on the secret key Ki 110 that is stored in the authentication 
center AuC that is part of the telecom infrastructure 70. In operation 500, a 
determination is made if the computed value of SRES 150 is the same as the value 
received from the content provider 30. If the two do not match then processing 
proceeds to operation 51 0 where a negative response is sent to the content provider 

20 30. If the two SRES 1 50 values do match, then processing proceeds to operation 
520. In operation 520, the network operator 20 charges the user or consumer for the 
content 50 and transmits a positive acknowledgment containing the key Kc 100, 
which enables content provider 30 to encrypt the content 50. Thereafter, in 
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operation 530, the content provider 30 sends the content 50 to the user or consumer 
encrypted based on Kc 100. The content provider 30 then stores the triplet (CID, 
RAND 140, SRES 150) in his database. This stored triplet serves as proof that a 
user or consumer having the capability of computing SRES 1 50 from RAND 1 40 has 
5 been charged by the network operator 20 for the content 50 identified by the CID. 

The business agreement between content provider 30 and network operator 
20 may be based on the number of positive acknowledgments given to content 
provider 30 in operation 520. Further, for security it is preferred that operations 480 
and 490 be authenticated by, for example, a digital signature and be encrypted to 

1 0 reduce the possibility of interception by a third party. 

FIGs. 8 and 9 are flowcharts illustrating a two stage process in which a 
consumer or user orders and pays, or is billed, for a content 50 by a network 
operator 20 and then the consumer or user receives the content 50 from the content 
provider 30. Operations 540 through 700 illustrated in FIGs. 8 and 9 are performed 

15 by a business model C module 1300 shown in FIG. 15. This business model C 
module 1300, as with all the modules shown in FIG. 15, contain operations that 
correspond, forexample, to code, sections of code, instructions, firmware, hardware, 
commands or the like, of a computer program. 

Referring to FIG. 8, in operation 540, the user or consumer visits a web site 

20 of a network operator 20. The user or consumer selects a content 50, such as a new 
game, with an identifier CID associated with it. Then in operation 550 the network 
operator 20 sends the consumer or user a random number RAND 140 to which the 
user replies with a first SRES 1 50 calculated using the A3 algorithm module 1 20. In 
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operation 560, it is determined whether the value of SRES 150 received from the 
user or consumer matches the value of a second SRES 150 computed by the 
network operator 20. If the two values do not match then processing proceeds to 
operation 570 where the transaction fails and processing terminates. If the two 
5 values match, then processing proceeds operation 580 where the network operator 
20 charges the user or consumer the payment 60 for the content 50 by, for example, 
adding the price of the content 50 to the phone bill. Then in operation 590, the 
network operator 20 sends the content identifier, CID, and the triplet (RAND 140, 
SRES 150, Kc 100) to the content provider 30. Upon receipt of the CID and triplet, 

1 0 the content provider 30 stores (CID, RAND 1 40, SRES 1 50, Kc 1 00) in its database. 
In order to reduce the risk of third party interception, the foregoing message should 
be authenticated by, for example, a digital signature and also encrypted to ensure 
secrecy of the values of RAND 140, SRES 150, and Kc 100. 

The second stage of the business model C module 1300, shown in FIG. 9, 

15 begins when the user or consumer wants to download the content 50. This may 
occur at any time after the first stage of the business model C module 1300 has 
completed as shown and discussed in reference to FIG. 8. 

Referring to FIG. 9, in operation 600 the user visits, for example, the web site 
of the content provider 30 and sends to the content provider 30 the CID received in 

20 operation 540 of FIG. 8, RAND 140 received in operation 550 of FIG. 8, as well as 
encrypted copies of Kc 100 and SRES 150 calculated in operation 550 of FIG. 8. 
SRES 150 is encrypted to prevent a third party who has intercepted the RAND 140 
and SRES 1 50 in operation 550 of FIG. 8 from impersonating the user or consumer. 



ATSK Reference No.: 017.37999X00 
Nokia Reference No.: 27309 

In operation 610, the content provider 30 searches its database for CID, RAND 140, 
SRES 150, and Kc 100. If it is determined, in operation 620, that matching values 
are not found, then processing proceeds to operation 630 where a negative 
acknowledgment is given to the user or consumer and processing terminates. 
However, if operation 620 determines that a matching entry is found, then processing 
proceeds operation 640 where the content provider 30 decrypts Kc 100 and SRES 
1 50. If, in operation 650, the value of the first SRES 1 50 received from the user or 
consumer is determined not to match the value of the second SRES 1 50 previously 
given by the network operator 20, then processing proceeds to operation 660 where 
the transaction fails and processing terminates. However, if a match is found in 
operation 650, then the content provider 30 encrypts the content 50 using Kc 100 
and transmit the content 50 to the user or consumer at either MS 10 or PC 40, 
wherever the user or consumer is located. 

Using the business model C module 1300 the user or consumer remains 
anonymous to the content provider 30 which the user or consumer may not know 
and trust. Further, it is also less likely that the user's identity will be sold to a 
marketing organization and his credit number, or other method of payment, could be 
intercepted by a third party. 

FIGs. 10 and 1 1 are flowcharts of a two stage embodiment of the present 
invention in which a consumer or user orders and pays, or is billed for, a content 50 
from a network operator 20 and receives the content 50 from the network operator 
20 using the business model D module 1400, shown in FIG. 15. By using business 
model D module 1400, the user or consumer has no contact with the content 
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provider 30. The network operator 20 both distributes the content 50 and collects 
the payment 60 for it on behalf of the content provider 30. The price of the content 
50 may be simply added to the telephone bill of the user or consumer. The payment 
60 that network operator 20 gives content provider 30 may be based on the amount 
5 of distributed copies of the content 50 or other suitable agreement. The advantage 
to the user or consumer is that he is dealing with an entity he is familiar with and 
trusts. The advantage to the content provider 30 is that he simply supplies the 
content 50 to the network operator 20 and everything else is taken care of by the 
network operator 20. 

10 The business model D module 1400 includes operations 710 through 840 

shown in FIGs. 1 0 and 1 1 . Referring to FIG. 1 0, the business model D module 1 400 
starts in operation 710 by the user visiting, for example, the web site of the network 
operator 20 where he selects a content 50, such as a new game having a CID 
associated with it. In operation 720, the network operator 20 sends the user or 

1 5 consumer a random number (RAND) 140 to which the user replies with a first SRES 
150 calculated using A3 algorithm module 120. Then in operation 730, the network 
operator compares the value of SRES 150 received from the user or consumer to 
see if it matches the value of a second SRES 1 50 computed by the network operator 
20 also using the A3 algorithm module 120. If the two SRES 150 values do not 

20 match then processing proceeds to operation 740 where a transaction failure is 
reported to the user or consumer. If a match is found in operation 730, then network 
operator 20 charges the user for the content 50. Thereafter the network operator 20 
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stores, in operation 760 the triplet having CID, RAND 140, SRES 150, and Kc 100 
in its database. 

The second stage of the business model D module 1400 occurs when the 
user 50 wants to download the content 50. This may be substantially after the first 
5 stage of the business model D module 1400, shown in FIG. 10, completes and 
begins by the user or consumer visiting the web site of the network operator 20 and 
sending the network operator 20 the CID, RAND 140, and encrypted Kc 100 and 
SRES 150, in operation 770, shown in FIG. 11. The encryption of SRES 150 
reduces the risk of a third party intercepting the SRES 150 and impersonating the 

1 0 user or consumer. Thereafter, in operation 780 the network operator 20 searches 
its database for the CID, RAND 140, SRES 150, and Kc 100. If a matching entry is 
not found then a negative acknowledgment is sent to the user in operation 800 and 
processing terminates. If a matching entry is found in operation 790, then in 
operation 810 the network operator 20 decrypts Kc 100 and SRES 150. If the 

15 decrypted SRES 150 value does not match the stored SRES 150 value, then 
processing proceeds to operation 830 where a transaction failure is reported to the 
user or consumer and processing terminates. However, if the value of SRES 1 50 
received from the user matches the previously stored value of SRES 150, then 
processing proceeds to operation 840 where the network operator 20 encrypts the 

20 content 50 with Kc 1 00 and sends it to the user or consumer located at MS 1 0 or PC 
40. 

A further embodiment is possible for the present invention as provided in 
business model E module 1500, shown in FIG. 15, which includes operations 850 
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through 960 shown in FIGs. 12 and 13. Business model E module 1500 is similar 
to business model A module 1 100 with the exception that business model E module 
1 500 enables the user or consumer to purchase several content 50 items at once. 
As with business model A module 1100, business model E module 1500 enables 
5 the user or consumer to register with and pay the content provider 30, but the 
content 50 is distributed by network operator 20. The fee given by content provider 
30 to network operator 20 may be based on the amount of distributed copies of the 
content 50. The business model E module 1 500 operates in two stages. In the first 
stage, shown in FIG. 12, the transactions between user or consumer and content 

1 0 provider 30 take place. 

Referring to FIG. 12, in operation 850 the user or consumer visits, for 
example, the web site of content provider 30 where he selects several content 50 
items and pays for them by, for example, giving his credit card number, by money 
transfer, or by any other method available. This transaction should be encrypted to 

1 5 prevent a third party from intercepting the transaction. In operation 860, the user or 
consumer receives from the content provider 30 a serial number of the purchase, N, 
a list of identifiers of the content (CID1 , CID2,...CIDn) and a list of random numbers 
140 (RAND1, RAND2,..., RANDn). The user or consumer then calculates a first 
series of SRES 150 values (SRES1, SRES2 SRESn) based on the series of 

20 RAND 140 values (RAND1 , RAND2,..., RANDn) supplied using A3 algorithm module 
120 previously discussed. Thereafter, in operation 870, the user or consumer sends 
the first series of SRES 1 50 values (SRES1 , SRES2, ... SRESn) to content provider 
30. The content provider 30 stores the three series of items (CID1, CID2, ... CIDn), 
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(SRES1 , SRES2, ... SRESn) and (RAND1 ,RAND2, ... RANDn) in his database. This 
database entry is indexed by the serial number of the purchase N. Each entry has 
also a series of Boolean variables (M1,M2, ... Mn) associated with it, which are all 
initially set to 1 . The stored data acts as proof that user or consumer has the 
5 capability to compute a series of SRES 150 values from a series of RAND 140 
values and has paid for the series of contents 50 identified by the series of CID 
values. 

Operations 850 and 860 should be encrypted to reduce the risk of a third party 
intercepting the information and learning the user's credit card number and the value 
10 of RAND 140. This can be done, for example, by encrypting the communication 
between the user and content provider 30 using one of the known methods, such as 
an SSL protocol. 

Referring to FIG. 13, the second stage of processing for business model E 
module 1500 occurs when the user wants to download one of the content 50 items 

1 5 which was paid for in the first stage. For example, let the identifier of the content 50 
desired be CID2. In operation 880, the user or consumer sends to network operator 
20 the serial number of the purchase N, the number of the identifier on the list, 
which is 2, the content identifier CID2 and RAND2. The user of consumer MS 10 
then computes a ciphering key Kc 100 using RAND2 140 and his secret key Ki 1 10 

20 using A8 algorithm module 130. In an alternative embodiment of business model E 
module 1 500 the user consumer sends both RAND2 140 and SRES2 1 50. Then in 
operation 890, the network operator 20 computes a second SRES2 150 value using 
A3 algorithm module 130 and Kc 100 using A8 algorithm module 130 from RAND2 
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as previously discussed. In operation 900, the network operator 20 transmits N, 2, 
CID2, RAND2 140, and SRES2 150 to the content provider 30. Upon receipt, the 
content provider 30 checks if CID2, RAND2 140, and SRES2 150 are stored in the 
second item of the list in its database for entry N, in operation 920. If entry N does 
5 not exist then processing proceeds to operation 930 in which content provider 30 
sends a negative acknowledgment to the network operator 20 and processing 
terminates. However, if entry N does exist then processing proceeds to operation 
940 at which time it is determined if M2=1. If M2...1 then this indicates that the 
second item has been consumed by the user, and processing again proceeds to 

1 0 operation 930 as previously discussed and processing halts. However, if M2=1 then 
processing proceeds to operation 950 and the content provider 30 sends a positive 
acknowledgment to network operator 20. After receiving positive acknowledgment 
the network operator 20 encrypts the content 50 with ciphering key Kc 100 and 
sends it to the user, in operation 910. The user then decrypts the content 50 using 

15 the key Kc 100 and installs it on his mobile station 10 or PC 40. 

As would be appreciated by one of ordinary skill in the art, business model B 
module 1200, business model C module 1300 and business model D module 1400 
may be modified in a similar fashion as was done to business model A module 1 1 00 
to create business model E module 1500 so that a consumer may order several 

20 content 50 items. 

It is possible to modify business model B module 1200 further so as to bind 
or force the content provider 30 to a certain price for the product. By using this 
binding mechanism on the content provider30, the user or consumer can be assured 
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that he will not be charged a different price for a content 50 item ordered. There 
exist two mechanisms to bind a content provider 30 to a certain price. The first 
method uses a one-way hash function and the second method uses Kc 100. 

The fundamental reason for binding a content provider 30 to a price for a 
content 50 is that the user or consumer may have concerns in dealing with an 
unknown content provider 30. This concern may be unnecessary when the content 
provider 30 is a large organization with a strong reputation to protect. But there is 
no fundamental reason preventing anyone from becoming a content provider 30 and 
exploiting these mechanisms. Consequently, a user or consumer may not 
necessarily fully trust a content provider 30. If content provider 30 is not fully trusted 
by the user, the foregoing embodiments of the present invention should be 
strengthened. This is because when a user initiates a transaction with a malicious 
content provider 30, it could use the information learned during this transaction (i.e., 
the pair (RAND 140, SRES 150)) to make a purchase from a different content 
provider 30 while pretending to be the user. The cost of the purchase from the other 
content provider 30 could then be added to the user's bill. Or more simply, the user 
could be charged a higher price for content 50 or even pay for a content 50 that he 
was not ordered. 

Referring to FIG. 14, a one-way hash function H 1 90 is a function which takes 
an arbitrary length input and produces a fixed length output. Further, the function is 
easy to compute, but the inverse of the function is nearly impossible to determine. 
MD5 and SHA-1 are examples of popular one-way hash functions described on 
pages 347-349 of Chapter "Hash Functions and Data Integrity," of Handbook of 

30 
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Applied Cryptography by A. J. Menezes et al., published by CRC Press, Inc. in 1 997, 
ISBN 0-8493-8523-1, incorporated herein by reference. Both the user and the 
network operator 20 compute SRES 150 using H 190, as shown in FIG. 14, and any 
suitable hash function for H 190 which takes three inputs (RAND 140, Seller ID 170, 
5 price 180) or the inputs can be concatenated into a single string before being fed to 
a one-way hash function H 190. Using this one-way hash function (H) 190, the 
identity of the content provider 30, represented by the seller ID 170, the price 180 of 
the content 50 and the random number (RAND) 140 are bound together (hashed) 
into a single fixed variable called the hashed random number (RAND') 160. The 

1 0 response SRES 1 50 is computed using the A3 algorithm 1 20 with Ki 1 1 0 and RAND' 
1 60 as inputs. Processing then proceeds similarly to business model B 1 200 module 
as discussed above in reference to FIG. 7, with the user sending SRES 150 to the 
content provider 30. Content provider 30 sends CID, RAND 140, Seller ID 170 and 
the price 180 to network operator 20. Network operator 20 computes SRES 1 50 as 

15 shown in FIG. 14. It should be noted that if a content provider 30 changes one of the 
quantities (for example the price 180) that are bound together with H 190 before he 
sends them to network operator 20, then the value of the second SRES 150 
computed by the network operator 20 will not match the value of the first SRES 1 50 
that was computed by the user and forwarded to the network operator 50 by the 

20 content provider 30. As a result of the mismatch in computed SRES 1 50 values the 
transaction will be rejected by the network operator as possibly fraudulent. In this 
way the binding mechanism, shown in FIG. 14, protects the user from fraud by 
dishonest content providers 30. 
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Another embodiment which would modify business model B module 1200 
and bind the content provider 30 to a certain price for the content 50 employs Kc 
100. In business model B module 1200, the network operator 20 gives Kc 100 to the 
content provider 30 . This is necessary when the content provider 30 needs to 
5 confidentially transfer information back to the user. However, in some scenarios it 
may not be necessary to reveal Kc 100 to the content provider 30. In this case, the 
binding could be achieved by encrypting with Kc 100. The user transmits his mobile 
network identifier, SRES 150, Seller ID, and price 180 he has agreed to pay to the 
content provider 30 encrypted with Kc 100. The content provider 30 forwards this 

1 0 to the network operator 20 along with his own version of Seller ID 1 70 and price 1 80 
unencrypted. The network operator 20 can decrypt the encryption to recover SRES 
150, Seller ID 170 and price 180 and check if the latter two items match what the 
content provider 30 sent unencrypted. The remainder of the processing remains 
unchanged from that shown in business model B module 1200 discussed in 

15 reference to FIG. 7. 

A further embodiment may be realized in business model A module 1 1 00 and 
business model D module 1400 through the use of a stronger password from Kc 100 
by means of additional cryptographic protocol. Such protocol is described in U.S. 
Patent Numbers 5,241 ,599 and 5,440,635 to Bellovin, et al., incorporated herein by 

20 reference. Using this cryptographic protocol in which Kc 100 is the seed, it is 
possible to transform a weak shared password (Kc 100), into a strong shared 
password (Kc 1 00). 
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Using the foregoing embodiments of the present invention, the sale and 
access to content 50 is simple and secure using the GSM authentication system and 
method discussed in reference to FIGs. 2 through 4 and 1 5 above in conjunction with 
the business model A module 1 1 00, business model B module 1 200, business model 
5 C module 1300, business model D module 1400 and business model E module 
1500. A user or consumer is secure in the knowledge that he will not be 
overcharged for a content 50 and that he will receive delivery of content 50. The 
implementation of the present invention is simplified since there is no need to change 
the GSM authentication center AuC in the telecom infrastructure 70. 

10 While we have shown and described only a few examples herein, it is 

understood that numerous changes and modifications as known to those skilled in 
the art could be made to the present invention. For example, instead of down 
loading content after the payment, the user may be granted access to a shared 
network resource. In this way, the user may be granted access rights to a networked 

1 5 game server. If the access rights are temporary, then the expiration time of those 
rights may be stored together with CID, RAND 140 and SRES 150. Instead of 
paying for content 50 the user may just registers with the content provider 30. The 
encryption of content 50 may be accomplished in the same way as the encryption 
of speech on the GSM radio path. It is also possible to implement payment 60 and 

20 access control based on same kind of mechanism (smart cards (SIM), random 
number (RAND) 1 40, and service response (SRES) 1 50) when the user has a smart 
cards, similar to the SIM, but is not a subscriber of a network operator 20. Further, 
the user's portion of the authentication mechanism can be implemented on a PC, 
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without a smart card. Therefore, we do not wish to be limited to the details shown 
and described herein, but intend to cover all such changes and modifications as are 
encompassed by the scope of the appended claims. 
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CLAIMS 



We Claim: 



1 1. A method of ordering, paying for and delivering goods and services, 

2 comprising: 

3 ordering and paying for a content by a user selected from a content provider; 

4 transmitting a first service response value calculated by the user to the 

5 content provider; 

6 calculating a second service response value by a network operator when the 

7 user requests the content from the network operator; 

8 verifying, by the network operator contacting the content provider, that the first 

9 service response value matches the second service response value; and 

10 transmitting the content to the user by the network operator when the first 

1 1 service response value matches the second service response value. 

1 2. The method recited in claim 1 , wherein the first service response value 

2 is calculated by the user based on a random number supplied by the content 

3 provider and a first secret key possessed by the user. 

1 3. The method recited in claim 1 , wherein the second service response 

2 value is calculated by the network operator based on the random number received 
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3 from the user and a second secret key possessed by the network operator and 

4 associated with the user. 

1 4. The method recited in claim 2, wherein the first secret key is contained 

2 in a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key. 

1 5. The method recited in claim 3, wherein the second secret key is stored 

2 in an authentication center of a telecom infrastructure operated by the network 

3 operator and the first secret key and the second secret key are identical and 

4 assigned when the user subscribes for a telecommunication service provided by the 

5 network operator. 

1 6. The method recited in claim 4, wherein the first service response value 

2 is calculated by an A3 algorithm module contained in the subscriber identification 

3 module of the mobile station based on the first secret key and the random number. 

1 7. The method recited in claim 5, wherein the second service response 

2 value is calculated by an A3 algorithm module, contained in the authentication center 

3 of the telecom infrastructure, based on the second secret key, contained in the 

4 authentication center of the telecom infrastructure, and the random number. 
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1 8. The method recited in claim 6, wherein the mobile station is a cellular 

2 phone with GSM authentication capability connected to a processor based system, 

3 or a WAP-capable cellular phone with GSM authentication capability, or a HTML 

4 capable cellular phone with GSM authentication capability. 

1 9. The method recited in claim 7, wherein the content is encrypted by the 

2 network operator using a cipher key, calculated by an A8 algorithm module based 

3 on the random number and the second secret key, prior to transmitting the content 

4 to the user. 



1 10. The method recited in claim 8, further comprising: 

2 decrypting the content by the mobile station using an A8 algorithm module 

3 contained in the subscriber identification module of the mobile station to generate the 

4 cipher key based on the random number and the first secret key. 



1 11. The method recited in claim 9, wherein the cipher key is used as a seed 

2 to a cryptographic protocol which transforms the cipher key into a stronger cipher 

3 key. 

1 12. The method recited in claim 1, wherein the user pays the content 

2 provider for the content, using a credit card, debit card, or electronic transferral of 

3 funds. 
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1 13. A method of ordering, paying for and delivering goods and services, 

2 comprising: 

3 ordering a content having a content ID by a user selected from a content 

4 provider; 

5 transmitting a first service response value, a mobile network identifier, and a 

6 cipher key by the user to the content provider; 

7 transmitting the first service response value, the mobile network identifier, and 

8 the random number to a network operator by the content provider; 

9 calculating a second service response value and a cipher key by a network 

10 operator and determining if the first service response value matches the second 

1 1 service response value; and 

12 transmitting the content to the user, when the first service response value 

13 matches second service response value, by the content provider. 

1 14. The method recited in claim 13, wherein the first service response value 

2 is calculated by the user based on a random number supplied by the content 

3 provider and a first secret key contained in a subscriber identification module 

4 provided by the network operator and contained in a mobile station. 

1 15. The method recited in claim 13, wherein the second service response 

2 value and a cipher key are calculated based on the random number, and a mobile 

3 network identifier, used to access a second secret key located in a authentication 

4 center of a telecom infrastructure, received from the content provider. 
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1 16. The method recited in claim 14, wherein the first secret key is not 

2 accessible directly by the user or the mobile station and the value of the secret key 

3 may not be discovered by the user, but is identical to the second secret key and both 

4 the first secret key and the second secret key are assigned when the user 

5 subscribes for a telecommunication service provided by the network operator. 

1 1 7. The method recited in claim 1 6, wherein the first service response value 

2 is calculated by an A3 algorithm module contained in the subscriber identification 

3 module of the mobile station based on the first secret key and the random number. 

1 18. The method recited in claim 1 5, wherein the second service response 

2 value is calculated by an A3 algorithm module, contained in the authentication center 

3 of the telecom infrastructure, based on the second secret key, contained in the 

4 authentication center of the telecom infrastructure, and the random number. 

1 19. The method recited in claim 17, wherein the mobile station is a cellular 

2 phone with GSM authentication capability connected to a processor based system, 

3 or a WAP-capable cellular phone with GSM authentication capability, or a HTML 

4 capable cellular phone with GSM authentication capability. 

1 20. The method recited in claim 1 8, wherein the content is encrypted by the 

2 network operator using the cipher key, calculated by an A8 algorithm module based 
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3 on the random number and the second secret key, prior to transmitting the content 

4 to the user. 

1 21. The method recited in claim 19, further comprising: 

2 decrypting the content by the mobile station using an A8 algorithm module 

3 contained in the subscriber identification module of the mobile station to generate a 

4 cipher key based on the random number and the first secret key. 

1 22. The method recited in claim 13, wherein the user is billed by the 

2 network operator for the content in a telephone bill. 

1 23. The method recited in claim 13, further comprising: 

2 hashing, by the user, a price of the content, the random number and a seller 

3 ID to create a hashed number; 

4 computing, by the user, the first service response value based on the secret 

5 key and the hashed random number; 

6 transmitting, by the user, the first service response value to the content 

7 provider; 

8 transmitting, by the content provider, the random number, the seller ID the 

9 price of the content and the first service response to the network operator; 

10 computing, by the network operator, the second service response value based 

1 1 on the secret key, the price transmitted by the content provider and the random 

12 number; 
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13 verifying, by the network operator that the first service response value 

14 matches the second service response value; and 

15 billing the user, by the network operator, the price when the first service 

1 6 response value matches the second service response value in a telephone bill. 

1 24. The method recited in claim 20, wherein the cipher key is used as a 

2 seed to a cryptographic protocol which transforms the cipher key into a stronger 

3 cipher key. 

1 25. A method of ordering, paying for and delivering goods and services, 

2 comprising: 

3 ordering a content from a network operator, having a content ID selected by 

4 a user; 

5 transmitting a first service response value calculated by the user to the 

6 network operator; 

7 calculating a second service response value and a cipher key by a network 

8 operator and determining if the first service response value matches the second 

9 service response value; 

10 transmitting the content ID, and a cipher key to the content provider; and 

1 1 transmitting the content to the user by the content provider when requested 

12 by the user. 
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1 26. The method recited in claim 25, wherein the first service response value 

2 is calculated by the user based on a random number supplied by the network 

3 operator and a first secret key possessed by the user. 



1 27. The method recited in claim 25, wherein the second service response 

2 value is calculated by the network operator based on the random number and a 

3 second secret key possessed by the network operator and associated with the user. 



1 28. The method recited in claim 26, wherein the first secret key is contained 

2 in a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key. 

1 29. The method recited in claim 27, wherein the second secret key is 

2 stored in an authentication center of a telecom infrastructure operated by the network 

3 operator and the first secret key and the second secret key are identical and 

4 assigned when the user subscribes for a telecommunication service provided by the 

5 network operator. 

1 30. The method recited in claim 28, wherein the first service response value 

2 is calculated by an A3 algorithm module contained in the subscriber identification 

3 module of the mobile station based on the first secret key and the random number. 
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1 31. The method recited in claim 29, wherein and the second service 

2 response value is calculated by a A3 algorithm module, contained in the 

3 authentication center of the telecom infrastructure based on the second secret key, 

4 contained in the authentication center of the telecom infrastructure, and the random 

5 number. 

1 32. The method recited in claim 30, wherein the mobile station is a cellular 

2 phone with GSM authentication capability connected to a processor based system, 

3 or a WAP-capable cellular phone with GSM authentication capability, or a HTML 

4 capable cellular phone with GSM authentication capability. 

1 33. The method recited in claim 31 , wherein the content is encrypted by the 

2 content provider using a cipher key, calculated by an A8 algorithm module based on 

3 the random number and the second secret key and supplied by the network 

4 operator, prior to transmitting the content to the user. 

1 34. The method recited in claim 32, further comprising: 

2 decrypting the content received by from the content provider by the mobile 

3 station using an A8 algorithm module contained in the subscriber identification 

4 module of the mobile station to generate a cipher key based on the random number 

5 and the first secret key. 
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1 35. The method recited in claim 33, wherein the cipher key is used as a 

2 seed to a cryptographic protocol which transforms the cipher key into a stronger 

3 cipher key. 

1 36. The method recited in claim 25, wherein the user is billed by the 

2 network operator for the content in a telephone bill. 

1 37. A method of ordering, paying for and delivering goods and services, 

2 comprising: 

3 ordering a content, having a content ID, by a user selected from a network 

4 operator; 

5 transmitting a first service response value calculated by the user to the 

6 network operator; 

7 calculating a second service response value and a cipher key by a network 

8 operator and determining if the first service response value matches the second 

9 service response value; and 

1 0 transmitting the content to the user by the network operator when requested 

1 1 by the user. 

1 38. The method recited in claim 37, wherein the first service response value 

2 is calculated by the user based on a random number supplied by the network 

3 operator and a first secret key possessed by the user. 
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1 39. The method recited in claim 37, wherein the second service response 

2 value is calculated by the network operator based on the random number and a 

3 second secret key possessed by the network operator and associated with the user. 

1 40. The method recited in claim 38, wherein the first secret key is contained 

2 in a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key. 

1 41. The method recited in claim 39, wherein the second secret key is 

2 stored in an authentication center of a telecom infrastructure operated by the network 

3 operator and the first secret key and the second secret key are identical and 

4 assigned when the user subscribes for a telecommunication service provided by the 

5 network operator. 

1 42. The method recited in claim 40, wherein the first service response value 

2 is calculated by an A3 algorithm module contained in the subscriber identification 

3 module of the mobile station based on the first secret key and the random number. 

1 43. The method recited in claim 41 , wherein the second service response 

2 value is calculated by an A3 algorithm module, contained in the authentication center 

3 of the telecom infrastructure, based on the second secret key, contained in the 

4 authentication center of the telecom infrastructure, and the random number. 
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1 44. The method recited in claim 42, wherein the mobile station is a cellular 

2 phone with GSM authentication capability connected to a processor based system, 

3 or a WAP-capable cellular phone with GSM authentication capability, or a HTML 

4 capable cellular phone with GSM authentication capability. 

1 45. The method recited in claim 43, wherein the content is encrypted by the 

2 network operator using a cipher key, calculated by an A8 algorithm module based 

3 on the random number and the second secret key and supplied by the network 

4 operator, prior to transmitting the content to the user. 

1 46, The method recited in claim 44, further comprising: 

2 decrypting the content received by from the network operator by the mobile 

3 station using an A8 algorithm module contained in the subscriber identification 

4 module of the mobile station to generate a cipher key based on the random number 

5 and the first secret key. 

1 47. The method recited in claim 45, wherein the cipher key is used as a 

2 seed to a cryptographic protocol which transforms the cipher key into a stronger 

3 cipher key. 

1 48. The method recited in claim 37, wherein the user is billed by the 

2 network operator for the content in a telephone bill. 
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1 49. A method of ordering, paying for and delivering goods and services, 

2 comprising: 

3 ordering and paying for a plurality of contents by a user selected from a 

4 content provider; 

5 transmitting a plurality of first service response values calculated by the user 

6 to the content provider; 

7 calculating a plurality of second service response values by a network 

8 operator when the user requests the content from the network operator; 

9 verifying, by the network operator contacting the content provider, that a one 

10 of the plurality of first service response values matches a one of the plurality of 

1 1 second service response values; and 

1 2 transmitting a content of the plurality of contents to the user by the network 

1 3 operator when the one of the plurality of first service response values matches the 

14 one of the plurality of second service response values. 

1 50. The method recited in claim 49, wherein the plurality of first service 

2 response values are calculated by the user based on a plurality of random numbers 

3 supplied by the content provider and a first secret key possessed by the user. 

1 51 . The method recited in claim 49, wherein the plurality of second service 

2 response values are calculated by the network operator based on the plurality of 

3 random numbers received from the user and a second secret key possessed by the 

4 network operator and associated with the user. 
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1 52. The method recited in claim 50, wherein the first secret key is contained 

2 in a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key. 

1 53. The method recited in claim 51, wherein the second secret key is 

2 stored in an authentication center of a telecom infrastructure operated by the network 

3 operator and the first secret key and the second secret key are identical and 

4 assigned when the user subscribes for a telecommunication service provided by the 

5 network operator. 

1 54. The method recited in claim 52, wherein the plurality of first service 

2 response values are calculated by an A3 algorithm module contained in the 

3 subscriber identification module of the mobile station based on the first secret key 

4 and the plurality of random numbers. 

1 55. The method recited in claim 53, wherein and the plurality of second 

2 service response values are calculated by an A3 algorithm module, contained in the 

3 authentication center of the telecom infrastructure based on the second secret key, 

4 contained in the authentication center of the telecom infrastructure, and the plurality 

5 of random numbers. 
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1 56. The method recited in claim 54, wherein the mobile station is a cellular 

2 phone with GSM authentication capability connected to a processor based system, 

3 or a WAP-capable cellular phone with GSM authentication capability, or a HTML 

4 capable cellular phone with GSM authentication capability. 

1 57. The method recited in claim 55, wherein the content of the plurality of 

2 contents is encrypted by the network operator using a cipher key, calculated by an 

3 A8 algorithm module based on a random number of the plurality of random numbers 

4 and the second secret key, prior to transmitting the content of the plurality of 

5 contents to the user. 

1 58. The method recited in claim 56, further comprising: 

2 decrypting the content of the plurality of contents by the mobile station using 

3 an A8 algorithm module contained in the subscriber identification module of the 

4 mobile station to generate a cipher key based on the random number of the plurality 

5 of random numbers and the first secret key. 

1 59. The method recited in claim 57, wherein the cipher key is used as a 

2 seed to a cryptographic protocol which transforms the cipher key into a stronger 

3 cipher key. 
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1 60. The method recited in claim 49, wherein the user pays the content 

2 provider for the plurality of contents, using a credit card, debit card, or electronic 

3 transferral of funds. 

1 61. A computer program executable by a processor and embodied on a 

2 computer readable medium to pay for and deliver goods and services, comprising: 

3 an A3 algorithm module code segment to compute a service response value 

4 based a secret key, possessed by a user and a network operator, and on a random 

5 number provided by a content provider after a user selects a content having a 

6 content ID to purchase; and 

7 a business model A module code segment to enable a user to select the 

8 content having the content ID from the content provider and receive the random 

9 number from the content provider, transmit the service response value to the content 

1 0 provider computed by the A3 algorithm module code segment, transmit the content 

11 ID, and the random number to a network operator and receive the content from the 

12 network operator based on verification of the content ID, the random number, and 

1 3 the service response value by the content provider. 

1 62. The computer program recited in claim 61 , further comprising: 

2 an A8 algorithm module code segment to compute a cipher key based on the 

3 random number and the secret key and used to encrypt the content. 
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1 63. The computer program recited in claim 62, wherein the secret key is 

2 contained in a subscriber identification module provided by the network operator and 

3 contained in the mobile station in such a manner that the user and the mobile station 

4 may not discover the value of the secret key and the secret key is also stored in a 

5 authentication center of a telecom infrastructure operated by the network operator. 

1 64. The computer program recited in claim 63, wherein the mobile station 

2 is a cellular phone with GSM authentication capability connected to a processor 

3 based system, or a WAP-capable cellular phone with GSM authentication capability, 

4 or a HTML capable cellular phone with GSM authentication capability. 

1 65. The computer program recited in claim 64, wherein the user pays the 

2 content provider for the content, using a credit card, debit card, or electronic 

3 transferral of funds. 

1 66. A computer program executable by a processor and embodied on a 

2 computer readable medium to pay for and deliver goods and services, comprising: 

3 an A3 algorithm module code segment to compute a service response value 

4 based a secret key, possessed by a user and a network operator, and on a random 

5 number provided by a content provider after a user selects a content having a 

6 content ID to purchase; and 

7 a business model B module code segment to enable a user to select the 

8 content having the content ID from the content provider and receive the random 
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9 number from the content provider, transmits a mobile network identifier and the 

1 0 service response value to the content provider computed by the A3 algorithm module 

11 code segment, transmit the content ID, and the random number to a network 

12 operator and receive the content from the content provider based on verification of 

13 the content ID, the random number, and the service response value by the content 

14 provider and the network operator. 

1 67. The computer program recited in claim 66, further comprising: 

2 an A8 algorithm module code segment to compute a cipher key based on the 

3 random number and the secret key and used to encrypt the content. 

1 68. The computer program recited in claim 67, wherein the secret key is 

2 contained in a subscriber identification module provided by the network operator and 

3 contained in the mobile station in such a manner that the user and the mobile station 

4 may not discover the value of the secret key and the secret key is also stored in a 

5 authentication center of a telecom infrastructure operated by the network operator. 

1 69. The computer program recited in claim 68, wherein the mobile station 

2 is a cellular phone with GSM authentication capability connected to a processor 

1 based system, ora WAP-capable cellular phone with GSM authentication capability, 

2 or a HTML capable cellular phone with GSM authentication capability. 
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1 70. The computer program recited in claim 66, wherein the business model 

2 B module code segment bills the user for the content in a telephone bill network 

3 operator. 

1 71. The computer program recited in claim 66, further comprising: 

2 a one-way hash function code segment contained in the mobile station and 

3 the network operator to generate a hashed number based on the random number, 

4 a seller ID and a price for the content; and 

5 the A3 algorithm module code segment contained in the mobile station and 

6 the network operator to generate the first service response value calculated by the 

7 mobile station based on the secret key and hashed number and the second service 

8 response calculated by network operator based on the secret key and a seller ID, 

9 random number and price transmitted by the content provider to the network 

10 provider, wherein the user is billed for the price in a telephone bill when the first 

1 1 service response value matches the second service response value. 

1 72. The computer program recited in claim 71 , further comprising: 

2 a cryptographic protocol which uses the cipher key as a seed to transform the 

3 cipher key into a stronger cipher key. 

1 73. A computer program executable by a processor and embodied on a 

2 computer readable medium to pay for and deliver goods and services, comprising: 
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3 an A3 algorithm module code segment to compute a service response value 

4 based a secret key, possessed by a user and a network operator, and on a random 

5 number provided by a network operator after a user selects a content having a 

6 content ID to purchase; and 

7 a business model C module code segment to enable a user to select the 

8 content having the content ID from the network operator and receive the random 

9 number from the network operator, transmits the service response value to the 

1 0 network operator computed by the A3 algorithm module code segment, transmit the 

1 1 content ID, and the random number to a content provider and receive the content 

12 from the content provider based on verification of the content ID, the random 

1 3 number, and the service response value having been sent by the network provider. 



1 74. The computer program recited in claim 73, further comprising: 

2 an A8 algorithm module code segment to compute a cipher key based on the 

3 random number and the secret key and used to encrypt the content. 



1 75. The computer program recited in claim 74, wherein the secret key is 

2 contained in a subscriber identification module provided by the network operator and 

3 contained in the mobile station in such a manner that the user and the mobile 

4 station may not discover the value of the secret key and the secret key is also stored 

5 in a authentication center of a telecom infrastructure operated by the network 

6 operator. 
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1 76. The computer program recited in claim 75, wherein the mobile station 

2 is a cellular phone with GSM authentication capability connected to a processor 

3 based system, or a WAP-capable cellular phone with GSM authentication capability, 

4 or a HTML capable cellular phone with GSM authentication capability. 



1 77. The computer program recited in claim 73, wherein the business model 

2 C module code segment bills the user for the content in a telephone bill from the 

3 network operator. 



1 78. A computer program executable by a processor and embodied on a 

2 computer readable medium to pay for and deliver goods and services, comprising: 

3 an A3 algorithm module code segment to compute a service response value 

4 based a secret key, possessed by a user and a network operator, and on a random 

5 number provided by a network operator after a user selects a content having a 

6 content ID to purchase; and 

7 a business model D module code segment to enable a user to select the 

8 content having the content ID from the network operator and receive the random 

9 number from the network operator, transmits the service response value to the 

1 0 network operator computed by the A3 algorithm module code segment, transmit the 

1 1 content based on verification of the service response value having been sent by the 

12 user. 
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1 79. The computer program recited in claim 78, further comprising: 

2 an A8 algorithm module code segment to compute a cipher key based on the 

3 random number and the secret key and used to encrypt the content. 

1 80. The computer program recited in claim 79, wherein the secret key is 

2 contained in a subscriber identification module provided by the network operator and 

3 contained in the mobile station in such a manner that the user and the mobile station 

4 may not discover the value of the secret key and the secret key is also stored in a 

5 authentication center of a telecom infrastructure operated by the network operator. 

1 81 . The computer program recited in claim 80, wherein the mobile station 

2 is a cellular phone with GSM authentication capability connected to a processor 

3 based system, or a WAP-capable cellular phone with GSM authentication capability, 

4 or a HTML capable cellular phone with GSM authentication capability. 

1 82. The computer program recited in claim 78, wherein the business model 

2 D module code segment bills the user for the content in a telephone bill from the 

3 network operator. 

1 83. A computer program executable by a processor and embodied on a 

2 computer readable medium to pay for and deliver goods and services, comprising: 

3 an A3 algorithm module code segment to compute a plurality of service 

4 response values based a secret key, possessed by a user and a network operator, 
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5 and on a plurality of random numbers provided by a content provider after a user 

6 selects a plurality of contents having a plurality of content IDs to purchase; and 

7 a business model E module code segment to enable a user to select the 

8 plurality of contents having the plurality of content IDs from the content provider and 

9 receive the plurality of random numbers from the content provider, transmit the 

10 plurality of service response values to the content provider computed by the A3 

1 1 algorithm module code segment, transmit one content ID of the plurality of content 

12 IDs, and one random number of the plurality of random numbers to a network 

1 3 operator and receive the content from the network operator based on verification of 

14 the one content ID, the one random number, and the one service response value by 

1 5 the content provider. 

1 84. The computer program recited in claim 83, further comprising: 

2 an A8 algorithm module code segment to compute a cipher key based on the 

3 one random number and the secret key and used to encrypt the one content. 

1 85. The computer program recited in claim 84, wherein the secret key is 

2 contained in a subscriber identification module provided by the network operator and 

3 contained in the mobile station in such a manner that the user and the mobile station 

4 may not discover the value of the secret key and the secret key is also stored in a 

5 authentication center of a telecom infrastructure operated by the network operator. 
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1 86. The computer program recited in claim 85, wherein the mobile station 

2 is a cellular phone with GSM authentication capability connected to a processor 

3 based system, or a WAP-capable cellular phone with GSM authentication capability, 

4 or a HTML capable cellular phone with GSM authentication capability. 



1 87. The computer program recited in claim 83, wherein the user pays the 

2 content provider for the content, using a credit card, debit card, or electronic 

3 transferal of funds. 



1 88. A system to pay for and deliver goods and services, comprising: 

2 an A3 algorithm module to compute a service response value based a secret 

3 key, possessed by a user and a network operator, and on a random number 

4 provided by a content provider after a user selects a content having a content ID to 

5 purchase; and 

6 a business model A module to enable a user to select the content having the 

7 content ID from the content provider and receive the random number from the 

8 content provider, transmit the service response value to the content provider 

9 computed by the A3 algorithm module, transmit the content ID, and the random 

10 number to a network operator and receive the content from the network operator 

11 based on verification of the content ID, the random number, and the service 

1 2 response value by the content provider. 
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1 89. The system recited in claim 88, further comprising: 

2 an A8 algorithm module to compute a cipher key based on the random 

3 number and the secret key and used to encrypt the content. 

1 90. The system recited in claim 89, wherein the secret key is contained in 

2 a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key and the secret key is also stored in a 

5 authentication center of a telecom infrastructure operated by the network operator. 

1 91 . The system recited in claim 90, wherein the mobile station is a cellular 

2 phone with GSM authentication capability connected to a processor based system, 

3 or a WAP-capable cellular phone with GSM authentication capability, or a HTML 

4 capable cellular phone with GSM authentication capability. 

1 92. The system recited in claim 88, wherein the user pays the content 

2 provider for the content, using a credit card, debit card, or electronic transferral of 

3 funds. 

1 93. A system to pay for and deliver goods and services, comprising: 

2 an A3 algorithm module to compute a service response value based a secret 

3 key, possessed by a user and a network operator, and on a random number 
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4 provided by a content provider after a user selects a content having a content ID to 

5 purchase; and 

6 a business model B module to enable a user to select the content having the 

7 content ID from the content provider and receive the random number from the 

8 content provider, transmits a mobile network identifier and the service response 

9 value to the content provider computed by the A3 algorithm module, transmit the 

1 0 content ID, and the random number to a network operator and receive the content 

11 from the content provider based on verification of the content ID, the random 

12 number, and the service response value by the content provider and the network 

13 operator. 

1 94. The system recited in claim 93, further comprising: 

2 an A8 algorithm module to compute a cipher key based on the random 

3 number and the secret key and used to encrypt the content. 

1 95. The system recited in claim 94, wherein the secret key is contained in 

2 a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key and the secret key is also 

5 stored in a authentication center of a telecom infrastructure operated by the network 

6 operator. 
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1 96. The system recited in claim 95, wherein the mobile station is a cellular 

2 phone with GSM authentication capability connected to a processor based system, 

3 or a WAP-capable cellular phone with GSM authentication capability, or a HTML 

4 capable cellular phone with GSM authentication capability. 

1 97. The system recited in claim 93, wherein the business model B module 

2 bills the user for the content in a telephone bill network operator. 

1 98. The system recited in claim 93, further comprising: 

2 a one-way hash function contained in the mobile station and the network 

3 operatorto generate a hashed number based on the random number, a seller ID and 

4 a price for the content; and 

5 the A3 algorithm module contained in the mobile station and the network 

6 operator to generate the first service response value calculated by the mobile station 

7 based on the secret key and hashed number and the second service response 

8 calculated by network operator based on the secret key and a seller ID, random 

9 number and price transmitted by the content provider to the network operator, 

10 wherein the user is billed for the price in a telephone bill when the first service 

1 1 response value matches the second service response value. 

12 99. The system recited in claim 98, further comprising: 

1 3 a cryptographic protocol which uses the cipher key as a seed to transform the 

14 cipher key into a stronger cipher key. 
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1 100. A system to pay for and deliver goods and services, comprising: 

2 an A3 algorithm module to compute a service response value based a secret 

3 key, possessed by a user and a network operator, and on a random number 

4 provided by a network operator after a user selects a content having a content ID to 

5 purchase; and 

6 a business model C module to enable a user to select the content having the 

7 content ID from the network operator and receive the random number from the 

8 network operator, transmits the service response value to the network operator 

9 computed by the A3 algorithm module, transmit the content ID, and the random 

10 number to a content provider and receive the content from the content provider 

11 based on verification of the content ID, the random number, and the service 

12 response value having been sent by the network provider. 



1 101. The system recited in claim 100, further comprising: 

2 an A8 algorithm module to compute a cipher key based on the random 

3 number and the secret key and used to encrypt the content. 



1 1 02. The system recited in claim 101, wherein the secret key is contained 

2 in a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile 

4 station may not discover the value of the secret key and the secret key is also stored 

5 in a authentication center of a telecom infrastructure operated by the network 

6 operator. 
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1 103. The system recited in claim 102, wherein the mobile station is a 

2 cellular phone with GSM authentication capability connected to a processor based 

3 system, or a WAP-capable cellular phone with GSM authentication capability, or a 

4 HTML capable cellular phone with GSM authentication capability. 

1 104. The system recited in claim 103, wherein the business model C 

2 module bills the user for the content in a telephone bill from the network operator. 

1 105. A system to pay for and deliver goods and services, comprising: 

2 an A3 algorithm module to compute a service response value based a secret 

3 key, possessed by a user and a network operator, and on a random number 

4 provided by a network operator after a user selects a content having a content I D to 

5 purchase; and 

6 a business model D module to enable a user to select the content having the 

7 content ID from the network operator and receive the random number from the 

8 network operator, transmits the service response value to the network operator 

9 computed by the A3 algorithm module, transmit the content based on verification of 
10 the service response value having been sent by the user. 

1 106. The system recited in claim 105, further comprising: 

2 an A8 algorithm module to compute a cipher key based on the random 

3 number and the secret key and used to encrypt the content. 
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1 1 07. The system recited in claim 1 06, wherein the secret key is contained 

2 in a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key and the secret key is also stored in a 

5 authentication center of a telecom infrastructure operated by the network operator. 

1 108. The system recited in claim 107, wherein the mobile station is a 

2 cellular phone with GSM authentication capability connected to a processor based 

3 system, or a WAP-capable cellular phone with GSM authentication capability, or a 

4 HTML capable cellular phone with GSM authentication capability. 

1 109. The system recited in claim 105, wherein the business model D 

2 module bills the user for the content in a telephone bill from the network operator. 

1 110. A system to pay for and deliver goods and services, comprising: 

2 an A3 algorithm module to compute a plurality of service response values 

3 based a secret key, possessed by a user and a network operator, and on a plurality 

4 of random numbers provided by a content provider after a user selects a plurality of 

5 contents having a plurality of content IDs to purchase; and 

6 a business model E module to enable a user to select the plurality of contents 

7 having the plurality of content IDs from the content provider and receive the plurality 

8 of random numbers from the content provider, transmit the plurality of service 

9 response values to the content provider computed by the A3 algorithm module, 
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10 transmit one content ID of the plurality of content IDs, and one random number of the 

1 1 plurality of random numbers to a network operator and receive the content from the 

12 network operator based on verification of the one content ID, the one random 

13 number, and the one service response value by the content provider. 

1 111. The system recited in claim 110, further comprising: 

2 an A8 algorithm module to compute a cipher key based on the one random 

3 number and the secret key and used to encrypt the one content. 

1 112. The system recited in claim 111, wherein the secret key is contained 

2 in a subscriber identification module provided by the network operator and contained 

3 in the mobile station in such a manner that the user and the mobile station may not 

4 discover the value of the secret key and the secret key is also stored in an 

5 authentication center of a telecom infrastructure operated by the network operator. 

1 113. The system recited in claim 112, wherein the mobile station is a 

2 cellular phone with GSM authentication capability connected to a processor based 

3 system, or a WAP-capable cellular phone with GSM authentication capability, or a 

4 HTML capable cellular phone with GSM authentication capability. 

1 114. The system recited in claim 108, wherein the user pays the content 

2 provider for the content, using a credit card, debit card, or electronic transferral of 

3 funds. 
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Abstract of the Disclosure 

A system, method and computer program for ordering, paying for and 
delivering goods and services from a content provider to a user which assures the 
content provider that he will be paid and that assures the user that he will receive the 
content at an agreed upon price. Thus, this system, method and computer program 
facilitates business transactions occurring between parties who do not know each 
other by using a trusted third party to either take the user's order, deliver to the 
user's order, and/or bill the user the correct amount for the goods and services 
contracted for. This system, method and computer program relies on the Global 
System for Mobile (GSM) communications system to authenticate the user and 
provide algorithms and modules that are used to generate cipher keys and service 
responses so as to insure the content provider will be paid and that the user will not 
be overcharged. Further, these algorithms and modules are used to encrypt 
important information so as to prevent third parties from intercepting this important 
information. Five business model modules are detailed with numerous variations 
possible to accomplish the task of facilitating business transactions between parties 
that do not necessarily know or trust each other. 
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USER VISITS, E.G. WEB SITE OF CONTENT 
PROVIDER. HE CHOOSES A CONTENT ITEM 
AND PAYS FOR IT E.G. BY GIVING HIS CREDIT 
CARD NUMBER OR BY OTHER METHOD 



CONTENT PROVIDER SENDS TO USER 
(CID, RAND). USER COMPUTES SRES. 



360- 



USER SENDS SRES TO CONTENT 
PROVIDER. CONTENT PROVIDER STORES 
(CID, RAND, SRES) IN HIS DATABASE 



FIG. 6 



370. 



USER SENDS (CID, RAND) TO NETWORK 
OPERATOR 



380- 



NETWORK OPERATOR COMPUTES SRES AND 
Kc 



390- 



NETWORK OPERATOR SENDS (CID, RAND, SRES) 
TO CONTENT PROVIDER 



400- 



430- 



CONTENT PROVIDER CHECKS IF 
(CID, RAND, SRES) ARE STORED IN HIS DATABASE 




^420 



SEND NEGATIVE 
ACKNOWLEDGEMENT 
TO NETWORK 
OPERATOR 



SEND POSITIVE ACKNOWLEDGEMENT TO 
NETWORK OPERATOR 



440- 



NETWORK OPERATOR ENCRYPTS CONTENT 
WITH Kc AND SENDS IT TO USER 



450- 



USER DECRYPTS CONTENT AND INSTALLS IT 
ON HIS MOBILE PHONE 



FIG. 7 



^ USER VISITS, E.G. THE WEB SITE OF CONTENT 
PROVIDER. HE CHOOSES A CONTENT ITEM. 

T 

CONTENT PROVIDER SENDS USER RAND. USER COMPUTES 
(SRES, Kc) AND SENDS SRES TO CONTENT PROVIDER 
TOGETHER WITH HIS MOBILE NETWORK IDENTIFIER 
* 

CONTENT PROVIDER SENDS CID, MOBILE NETWORK 
INDENTIFIER AND (RAND, SRES) TO MOBILE NETWORK 
OPERATOR 

t ~~ 

^ OPERATOR COMPUTES SRES AND Kc FROM 
RAND 




CHARGE SUBSCRIBER FOR THE CONTENT. SEND POSITIVE 
ACKNOWLEDGEMENT TO CONTENT PROVIDER. THE 
ACKNOWLEDGEMENT CONTAINS Kc. 

t 

CONTENT PROVIDER SENDS THE CONTENT ENCRYPTED 
WITH Kc TO THE USER 



FIG. 8 



USER VISITS, E.G. THE WEB SITE OF NETWORK 
OPERATOR. HE GHOOSES A CONTENT ITEM WITH 
IDENTIFIER CID. 

NETWORK OPERATOR SENDS THE USER A RANDOM 
NUMBER (RAND). USER REPLIES WITH SRES. 




NETWORK OPERATOR CHARGES THE USER 
FOR CONTENT CID 

NETWORK OPERATOR SENDS (CID, RAND, SRES, Kc) TO 
CONTENT PROVIDER. CONTENT PROVIDER STORES 
CID, RAND, SRES, Kc IN ITS DATABASE 



FIG. 9 



USER VISITS, E.G. THE WEB SITE OF THE CONTENT 
PROVIDER AND SENDS (CID, RAND, E(Kc, SRES)) 

TO THE CONTENT PROVIDER 

i 

CONTENT PROVIDER SEARCHES ITS DATABASE FOR 
AN ENTRY STARTING WITH (CID, RAND). 




CONTENT PROVIDER DECRYPTS (Kc, SRES) 
RECEIVED FROM THE USER 




CONTENT PROVIDER ENCRYPTS THE CONTENT WITH 
Kc AND SENDS IT TO THE USER 



FIG. 10 



USER VISITS, E.G. A WEB SITE OF NETWORK 
71 0 ^ OPERATOR. HE CHOOSES A CONTENT ITEM WITH 
AN IDENTIFIER CiD. 



720 ^ 



NETWORK OPERATOR SENDS USER RAND; 
USER REPLIES WITH SRES 




-740 



TRANSACTION 
FAILS 



NETWORK OPERATOR CHARGES THE USER FOR THE 
CONTENT CID 



NETWORK OPERATOR STORES (CID, RAND, SRES, Kc) 
IN ITS DATABASE 



FIG. 11 



USER VISITS, E.G. THE WEB SITE OF NETWORK 
OPERATOR AND SENDS TO THE NETWORK OPERATOR 
CID, RAND, E{Kc, S RES) 

NETWORK OPERATOR SEARCHES HIS DATABASE FOR 
AN ENTRY STARTING WITH (CID, RAND,...) 




NETWORK OPERATOR DECRYPTS (Kc, SRES) 




NETWORK OPERATOR ENCRYPTS THE CONTENT 
WITH Kc AND SENDS IT TO THE USER 



FIG. 12 



USER VISITS, E.G. THE WEB SITE OF CONTENT 
PROVIDER. HE CHOOSES SEVERAL CONTENT ITEMS 
AND PAYS FOR THEM BY, E.G. GIVING HIS CREDIT 
CARD NUMER OR BY SOME OTHER WAY 



CONTENT PROVIDER SENDS TO USER SERIAL 
NUMBER OF THE PURCHASE, N, A LIST OF IDEN- 
TIFIERS OF THE CONTENT (CID1, CID2, CIDn) 
AND A LIST OF RANDOM NUMBERS (RAND1, 
RAND2, .... RANDn) FROM WHICH USER COMPUTES 
THE LIST (SRES1, SRES2,..., SRESn) 



USER SENDS (SRES1, SRES2, SRESn) TO 
CONTENT PROVIDER. CONTENT PROVIDER STORES 
N, (CID1, .... CIDn), (RAND1, RANDn), (SRES1, 
SRESn) AND A MASK (M1.M2M .... Mn) = (1,1 ,...,1) IN 
HIS DATABASE 



FIG. 13 



USER WANTS TO DOWNLOAD CONTENT IDENTIFIED BY 
CID2. HE SENDS TO NETWORK OPERATOR N, 
CID2 AND RAND2 



89(K 



NETWORK OPERATOR COMPUTES SRES2 FROM 
RAND 2 



900 - 



NETWORK OPERATOR SENDS (N, 2, CID2, RAND2, SRES2) 
TO CONTENT PROVIDER 



910 ^ 



CONTENT VENDOR CHECKS IF DATABASE 
ENTRY (N,...) EXISTS. 




^930 



SEND NEGATIVE 
ACKNOWLEDGEMENT 
TO NETWORK 



r*- OPERATOR 



CONTENT VENDOR SETS M2=0. SENDS POSITIVE 
ACKNOWLEDGEMENT TO NETWORK OPERATOR 



960. 



NETWORK OPERATOR ENCRYPTS THE CONTENT WITH 
Kc AND SENDS IT TO THE USER. USER DECRYPTS THE 
CONTENT AND INSTALLS IT ON HIS MOBILE STATION 



FIG. 14 



140- 



170 



.180 



RAND 




SELLER 
ID 




PRICE 















-190 




-195 



